Markets rocked by fake Twitter message

Published: Wednesday, April 24, 2013 1:15 a.m. CST

By MCT News Service

In the latest evidence of social media’s power and its vulnerability to potentially catastrophic cyber attacks, the financial markets were whipsawed Tuesday by a bogus Associated Press tweet sent out by hackers that claimed the White House had been hit by explosions and President Barack Obama had been injured.

The false report caused the Dow Jones industrial average to drop 144 points in a short time. Crude oil prices also briefly tumbled, while U.S. Treasuries and gold futures temporarily spiked. Within minutes, however, the AP disclosed that the tweet was erroneous and the markets returned to normal, with the Dow eventually rising 152 points for the day – or about 1 percent – to close at 14,719.

In the past couple of years, hackers have compromised a variety of news service Twitter accounts, including posting a phony Fox News tweet in 2011 that claimed Obama had been killed. But Tuesday’s tweet was stunning because of it immediately knocked the markets topsy-turvy. And several experts warned the public to expect other disruptions, particularly with the U.S. Securities and Exchange Commission’s recent announcement that companies can use Twitter and other social media to post their financial statements.

“I have no doubt we’ll see more of this,” said Michael Sutton, vice president of security research for Zscaler, a security company based in San Jose, Calif. While hacking isn’t new, he added, its effect can be magnified by social media, which so many people depend on for news. “Everything is just moving faster, that’s really the only change. The impact of this is quick and deep.”

Andrew Storms of nCircle, an information security company based in San Francisco, agreed.

“Certainly Facebook and other social-media outlets are really now the de facto outlets for news,” he said. “Because of that, these outlets and these accounts on Twitter are now high-profile targets for those meant to do bad.”

On the plus side, Storms said, the attacks could prompt social media sites and those using them to better protect themselves from cyber villains. But, he added, “the pessimist in me says it’s only going to get worse.”

Determining what is or isn’t true on Twitter has always been an issue. Just last week, the site was filled with a lot of useful information about the Boston Marathon bombings. But it also included a number of mistaken reports. Hackers purposely posting false information make it even tougher to know which tweets to believe.

On July 4, 2011, a phony Fox News tweet claimed the president had been fatally shot while campaigning in Iowa, adding, “the President is dead. A sad 4th of July indeed.” USA Today, NBC, CBS, eBay, Burger King and Jeep also reportedly have been victimized by bogus tweets.

Moreover, on Monday a fake tweet was sent out purportedly from Sepp Blatter, president of the world soccer organization FIFA, claiming he was stepping down from the group due to his involvement in corruption.

Experts said it was unclear to what extent Twitter or AP were responsible for the false tweet Tuesday. Some said the news organization should have been monitoring its tweets more closely. But they also said Twitter should institute two-factor authentication, requiring users to provide more than just a password to access the site.

In a terse statement, AP said, “Out of a sense of caution, we have suspended other AP Twitter feeds. We are working with Twitter to sort this out.”

Shortly before the phony Tweet went out, AP issued its staff a memo warning them that some staff members had gotten malicious emails attempting to lure them to a “bogus site requesting you to log on.” But AP declined to comment on that and it is unclear if that was related to the erroneous tweet.

Whatever enabled the hackers to compromise AP’s posts, “this is going to be an ongoing thing that we have to be very concerned about,” said JD Sherry, global director of technology and solutions for the Japanese security firm Trend Micro. “I think what we’re seeing here is something we track quite regularly – the dark side of social media.”